Re: [m0n0wall] How to disable remote admin ?

From:	Joey Morin <jmorin at icomm dot ca>
To:	Jean-Francois Theroux <jftheroux at privalodc dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] How to disable remote admin ?
Date:	Thu, 24 Jun 2004 12:38:46 -0400 (EDT)

This one time, at band camp, Jean-Francois Theroux said:

> 1. it's only enabled on the LAN side. By default, it's disabled from the
> WAN side.
>
> 2. Use the latest beta and you won't see that m0n0wall access denied
> message again
>
> hfk at free dot fr wrote:
>
> > Does someone know how to disable remote administration ?
> >
> > Why is it enabled by default ?
> >
> > And it tells about the system when password fails 3 times !!!
> >
> > "monowall, access denied"
> >
> > that's kind a very bad "surprise", isn't it ?

it would only be enabled on the WAN side if you have a permit rule that
includes port 80 (or 443 if you're configured for https), but which
isn't nat'd to some other machine.

i use remote admin, but on https, and to be sure i know what's happening,
i also create a nat rule:
	WAN -> TCP -> some external port -> 127.0.0.1 -> local port 443
and i allow it to create it's own firewall rule.

i can then enable or disable this with a single click.

jj